Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5021 | 8 Canonical, Debian, Fedoraproject and 5 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2025-04-09 | N/A |
| nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. | ||||
| CVE-2006-6425 | 1 Novell | 1 Netmail | 2025-04-09 | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command. | ||||
| CVE-2008-5423 | 3 Novell, Redhat, Sun | 6 Suse Linux Enterprise Server, Enterprise Linux, Java Desktop System and 3 more | 2025-04-09 | N/A |
| Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector. | ||||
| CVE-2006-4177 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended. | ||||
| CVE-2009-3862 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. | ||||
| CVE-2006-4220 | 1 Novell | 2 Groupwise, Groupwise Webaccess | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7 Support Pack 3 Public Beta allow remote attackers to inject arbitrary web script or HTML via the (1) User.html, (2) Error, (3) User.Theme.index, and (4) and User.lang parameters. | ||||
| CVE-2009-3863 | 1 Novell | 1 Groupwise | 2025-04-09 | N/A |
| Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method. | ||||
| CVE-2006-4511 | 1 Novell | 1 Groupwise Messenger | 2025-04-09 | N/A |
| Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines." | ||||
| CVE-2006-4520 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file. | ||||
| CVE-2006-6299 | 1 Novell | 1 Zenworks Asset Management | 2025-04-09 | N/A |
| Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow. | ||||
| CVE-2006-7155 | 1 Novell | 1 Bordermanager | 2025-04-09 | N/A |
| Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286. | ||||
| CVE-2007-1309 | 1 Novell | 1 Access Manager | 2025-04-09 | N/A |
| Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt. | ||||
| CVE-2009-4486 | 1 Novell | 1 Imanager | 2025-04-09 | N/A |
| Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | ||||
| CVE-2007-2476 | 1 Novell | 1 Securelogin | 2025-04-09 | N/A |
| Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes. | ||||
| CVE-2007-2513 | 1 Novell | 1 Groupwise | 2025-04-09 | N/A |
| Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack. | ||||
| CVE-2007-2616 | 1 Novell | 1 Netmail | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request. | ||||
| CVE-2007-3207 | 1 Novell | 1 Client | 2025-04-09 | N/A |
| Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request. | ||||
| CVE-2007-3571 | 1 Novell | 2 Groupwise, Netware | 2025-04-09 | N/A |
| The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. | ||||
| CVE-2009-0115 | 9 Avaya, Christophe.varoqui, Debian and 6 more | 12 Intuity Audix Lx, Message Networking, Messaging Storage Server and 9 more | 2025-04-09 | 7.8 High |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | ||||
| CVE-2007-4526 | 2 Netiq, Novell | 2 Identity Manager, Client Login Extension \(cle\) | 2025-04-09 | N/A |
| The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | ||||